From c2dd9789c50d370699fab5beef2a04706cd2407b Mon Sep 17 00:00:00 2001
From: ebremner <ebremner@uwaterloo.ca>
Date: Tue, 14 Jul 2020 12:29:34 -0400
Subject: [PATCH] ISTWCMS-3921: adding class to handle UW permissions
---
src/UwPermissions/UwPermissions.php | 206 ++++++++++++++++++++++++++++
1 file changed, 206 insertions(+)
create mode 100644 src/UwPermissions/UwPermissions.php
diff --git a/src/UwPermissions/UwPermissions.php b/src/UwPermissions/UwPermissions.php
new file mode 100644
index 00000000..a97a2f87
--- /dev/null
+++ b/src/UwPermissions/UwPermissions.php
@@ -0,0 +1,206 @@
+<?php
+
+namespace Drupal\uw_cfg_common\UwPermissions;
+
+
+/**
+ * Class UwPermissions.
+ */
+class UwPermissions {
+
+ /**
+ * Get UW roles.
+ *
+ * @return array
+ * An array of the UW roles to be used on this form.
+ */
+ public static function uw_get_roles(): array {
+
+ // UW site manager role.
+ $uw_roles['Site manager'] = [
+ 'name' => 'Site manager',
+ 'id' => 'uw_role_site_manager',
+ 'object' => \Drupal\user\Entity\Role::load('uw_role_site_manager'),
+ ];
+
+ // UW content editor role.
+ $uw_roles['Content editor'] = [
+ 'name' => 'Content editor',
+ 'id' => 'uw_role_content_editor',
+ 'object' => \Drupal\user\Entity\Role::load('uw_role_content_editor'),
+ ];
+
+ // UW content author role.
+ $uw_roles['Content author'] = [
+ 'name' => 'Content author',
+ 'id' => 'uw_role_content_author',
+ 'object' => \Drupal\user\Entity\Role::load('uw_role_content_author'),
+ ];
+
+ return $uw_roles;
+ }
+
+ /**
+ * Get Uw content permissions array.
+ *
+ * @return array
+ * The array of all permissions for uw content access form.
+ */
+ public static function uw_get_permissions_array(): array {
+
+ $uw_permissions = [
+
+ // Blog permissions.
+ 'Blog' => [
+ 'Use content type' =>
+ UwPermissions::uw_build_role_permissions_list_content_type('uw_ct_blog'),
+ ],
+
+ // Event permissions.
+ 'Event' => [
+ 'Use content type' => UwPermissions::uw_build_role_permissions_list_content_type('uw_ct_event'),
+ 'Create/Edit tags' => UwPermissions::uw_build_role_permissions_list_taxonomy_term('uw_tax_event_tags', ['create', 'edit']),
+ 'Delete tags' => UwPermissions::uw_build_role_permissions_list_taxonomy_term('uw_tax_event_tags', ['delete']),
+ 'Create/Edit types' => UwPermissions::uw_build_role_permissions_list_taxonomy_term('uw_tax_event_type', ['create', 'edit']),
+ 'Delete types' => UwPermissions::uw_build_role_permissions_list_taxonomy_term('uw_tax_event_type', ['delete']),
+ ],
+
+ // News permissions.
+ 'News' => [
+ 'Use content type' =>
+ UwPermissions::uw_build_role_permissions_list_content_type('uw_ct_news_item'),
+ ],
+
+ // Site footer permissions.
+ 'Site footer' => [
+ 'Use content type' =>
+ UwPermissions::uw_build_role_permissions_list_content_type('uw_ct_site_footer'),
+ ],
+
+ // Special alert permissions.
+ 'Special alert' => [
+ 'Use content type' =>
+ UwPermissions::uw_build_role_permissions_list_custom('administer special alert'),
+ ],
+
+ // Web page permissions.
+ 'Web page' => [
+ 'Use content type' =>
+ UwPermissions::uw_build_role_permissions_list_content_type('uw_ct_web_page'),
+ ],
+ ];
+
+ return $uw_permissions;
+ }
+
+ /**
+ * Build uw role permissions list for content types.
+ *
+ * @param string $ct_name
+ * The machine name of the content type.
+ * @return array
+ * An array of the uw permissions.
+ */
+ public static function uw_build_role_permissions_list_content_type(string $ct_name): array {
+
+ // Build the permissions list for the content type.
+ $content_type_permissions_list = [
+ 'Site manager' => [
+ 'create ' . $ct_name . ' content',
+ 'delete any ' . $ct_name . ' content',
+ 'delete own ' . $ct_name . ' content',
+ 'edit any ' . $ct_name . ' content',
+ 'edit own ' . $ct_name . ' content',
+ 'revert ' . $ct_name . ' revisions',
+ 'view ' . $ct_name . ' revisions',
+ ],
+ 'Content editor' => [
+ 'create ' . $ct_name . ' content',
+ 'edit any ' . $ct_name . ' content',
+ 'edit own ' . $ct_name . ' content',
+ 'revert ' . $ct_name . ' revisions',
+ 'view ' . $ct_name . ' revisions',
+ ],
+ 'Content author' => [
+ 'create ' . $ct_name . ' content',
+ 'edit any ' . $ct_name . ' content',
+ 'edit own ' . $ct_name . ' content',
+ 'revert ' . $ct_name . ' revisions',
+ 'view ' . $ct_name . ' revisions',
+ ],
+ ];
+
+ return $content_type_permissions_list;
+ }
+
+ /**
+ * Build role permissions list for a custom permission.
+ *
+ * @param string $permission_name
+ * The machine name of the taxonomy term.
+ * @return array
+ * An array of the uw permissions.
+ */
+ public static function uw_build_role_permissions_list_custom(string $permission_name): array {
+
+ // The roles used for the uw permissions.
+ $uw_roles = UwPermissions::uw_get_roles();
+
+ // Step through each role and add permission.
+ foreach ($uw_roles as $uw_role) {
+
+ // Set the permission.
+ $uw_permissions[$uw_role['name']][] = [
+ $permission_name,
+ ];
+ }
+
+ return $uw_permissions;
+ }
+
+ /**
+ * Build role permissions list for taxonomy terms.
+ *
+ * @param string $tax_name
+ * The machine name of the taxonomy term.
+ * @param array $permission_types
+ * The list of permissions for the taxonomy term (create, edit and/or delete).
+ * @return array
+ * An array of the uw permissions.
+ */
+ public static function uw_build_role_permissions_list_taxonomy_term(string $tax_name, array $permission_types): array {
+
+ // The roles used for the uw permissions.
+ $uw_roles = UWPermissions::uw_get_roles();
+
+ // Step through each of the uw roles and setup list of permissions.
+ foreach ($uw_roles as $uw_role) {
+
+ // Step through each permission types and setup list of permissions.
+ foreach ($permission_types as $permission_type) {
+
+ // Set the permission.
+ $uw_permissions[$uw_role['name']][] = $permission_type . ' terms in ' . $tax_name;
+ }
+ }
+
+ return $uw_permissions;
+ }
+
+ /**
+ * Save UW permissions.
+ *
+ * @parm array $uw_roles
+ * The array of roles to be saved.
+ */
+ public static function uw_save_permissions(array $uw_roles) {
+
+ // Step through each of the roles and save the role object,
+ // so that the permissions get saved.
+ foreach ($uw_roles as $uw_role) {
+
+ // Save the role object.
+ $uw_role['object']->save();
+ }
+ }
+}
\ No newline at end of file
--
GitLab